Pelco Digital Sentry Video Management System sees action on a global basis across several sectors including commercial facilities.

The affected system contains hard-coded credentials that may allow an attacker to gain access to confidential information or execute code on the affected system.

CVE-2016-4520 is the case number assigned to this vulnerability, which Schneider Electric assigned a CVSS v3 base score of 8.6.

No known public exploits specifically target this vulnerability. However, an attacker with a low skill would be able to exploit this vulnerability.

Schneider Electric has produced new firmware, Version 7.14, for the Pelco Digital Sentry Video Management System, which addresses the identified vulnerability. Click here for the new firmware, Version 7.14.